Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/57b67d13-668d-43a5-a1d2-57244f46b9df.roa
File:                     57b67d13-668d-43a5-a1d2-57244f46b9df.roa (raw, json)
Hash identifier:          iYxqZxj6WG5eHqJNeTx7loZ6LP8vusdYyWf0yfZ70c8=
Subject key identifier:   3E:4D:89:00:E6:90:11:C7:EF:A0:1E:80:87:82:4B:C6:51:3C:8C:4C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6DBAC76CA653CDAC332EC0076EED88C044A175F2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/57b67d13-668d-43a5-a1d2-57244f46b9df.roa
Signing time:             Tue 07 Oct 2025 00:51:14 +0000
ROA not before:           Tue 07 Oct 2025 00:51:14 +0000
ROA not after:            Tue 11 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fee:8000::/39 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:ba:c7:6c:a6:53:cd:ac:33:2e:c0:07:6e:ed:88:c0:44:a1:75:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  7 00:51:14 2025 GMT
            Not After : Nov 11 23:59:59 2025 GMT
        Subject: serialNumber=32f80211da1ff8943db6ada0c3a512ae64627971dddf5fc370ad4947f5f9682c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:62:d9:14:1c:fa:ba:b4:e7:3c:78:69:91:6e:
                    c4:42:56:81:6b:f8:e9:83:d8:70:8b:0e:8d:e4:8b:
                    b3:0e:7e:47:99:49:56:f5:52:fe:b6:00:6f:37:97:
                    a3:64:e5:6b:35:a8:e1:24:74:ec:9b:41:67:fc:94:
                    68:3f:8a:8c:a6:63:c2:ec:0c:0f:53:e3:dd:10:f9:
                    0f:4f:ac:0e:5c:47:8b:d9:d6:5a:a3:5c:be:44:69:
                    1d:9a:e5:1f:d6:c3:5a:84:d4:af:f9:ec:90:e4:84:
                    08:fb:9f:eb:90:d6:c9:ef:a1:d7:67:4c:f1:81:05:
                    5a:78:87:b8:14:8f:f7:c2:e3:3b:7c:5f:9d:6c:db:
                    8b:ee:96:cd:3a:33:65:d5:7f:da:05:fa:3f:3d:5e:
                    48:8b:d6:99:3e:91:66:06:f9:b1:ab:da:b9:e2:82:
                    41:54:53:c1:2c:98:17:3f:46:fd:ee:2a:4e:4f:68:
                    ff:35:51:36:90:d9:68:b5:7d:91:dd:16:83:2e:44:
                    b2:4b:f9:b1:47:54:96:74:c6:8f:e9:eb:d3:8e:e3:
                    e2:f6:e1:4f:b5:17:44:4f:62:aa:9b:07:ec:df:55:
                    68:3d:f4:2c:cb:20:14:47:5b:59:96:85:aa:21:79:
                    02:05:fc:db:f4:a2:84:80:bc:3a:bd:a4:a3:40:18:
                    2d:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:4D:89:00:E6:90:11:C7:EF:A0:1E:80:87:82:4B:C6:51:3C:8C:4C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/57b67d13-668d-43a5-a1d2-57244f46b9df.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fee:8000::/39

    Signature Algorithm: sha256WithRSAEncryption
         11:80:07:c7:64:7b:2b:7f:0c:78:bb:0a:f9:d8:a8:0e:40:b3:
         01:1f:46:f0:24:69:f1:c3:b9:16:a5:05:ec:48:fd:d6:09:32:
         95:2e:86:f9:f3:b6:0d:21:24:8b:e7:1a:93:bd:b0:44:10:24:
         37:0e:30:6a:2c:53:e5:ac:63:0c:9b:e3:20:71:18:42:74:f4:
         4d:bc:9a:3a:bc:6c:c9:91:cf:ee:44:ee:7c:92:47:9a:b2:86:
         25:54:8a:c5:f5:0d:ef:4b:6f:de:7b:d7:ed:4d:ec:75:29:24:
         55:b4:fa:d8:74:62:97:22:d1:0e:4e:54:5f:ce:c8:3a:76:d1:
         9b:86:8d:8f:53:d9:c5:78:c2:40:8c:bd:6d:d4:a0:55:d7:6f:
         34:d5:74:97:e6:61:1a:9e:bb:ab:15:f3:c8:6e:88:4e:fd:70:
         e0:1f:96:45:c8:c2:1d:7b:75:e6:cf:37:69:77:f8:77:a2:5e:
         f2:a0:3e:81:f6:15:0a:5d:dc:be:a2:6b:b4:d1:e1:60:6b:44:
         96:b5:98:ea:f2:41:ab:bb:12:37:c9:59:9b:be:0b:b2:38:2a:
         23:ee:02:b0:f9:47:85:55:4f:e2:8b:ac:a2:bc:84:d6:f3:18:
         cc:11:70:26:ff:e4:55:6e:0a:ac:63:7a:c7:a2:30:86:5c:c9:
         64:c1:9f:ce
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUbbrHbKZTzawzLsAHbu2IwEShdfIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA3MDA1MTE0WhcNMjUxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0AzMmY4MDIxMWRhMWZmODk0M2RiNmFkYTBjM2E1MTJhZTY0
NjI3OTcxZGRkZjVmYzM3MGFkNDk0N2Y1Zjk2ODJjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCMYtkUHPq6tOc8eGmRbsRCVoFr+OmD2HCLDo3ki7MOfkeZ
SVb1Uv62AG83l6Nk5Ws1qOEkdOybQWf8lGg/ioymY8LsDA9T490Q+Q9PrA5cR4vZ
1lqjXL5EaR2a5R/Ww1qE1K/57JDkhAj7n+uQ1snvoddnTPGBBVp4h7gUj/fC4zt8
X51s24vuls06M2XVf9oF+j89XkiL1pk+kWYG+bGr2rnigkFUU8EsmBc/Rv3uKk5P
aP81UTaQ2Wi1fZHdFoMuRLJL+bFHVJZ0xo/p69OO4+L24U+1F0RPYqqbB+zfVWg9
9CzLIBRHW1mWhaoheQIF/Nv0ooSAvDq9pKNAGC39AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUPk2JAOaQEcfvoB6Ah4JLxlE8jEwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzU3YjY3ZDEzLTY2OGQtNDNhNS1hMWQyLTU3MjQ0ZjQ2YjlkZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAB/ugDANBgkqhkiG9w0BAQsFAAOCAQEAEYAHx2R7K38MeLsK+dioDkCz
AR9G8CRp8cO5FqUF7Ej91gkylS6G+fO2DSEki+cak72wRBAkNw4waixT5axjDJvj
IHEYQnT0TbyaOrxsyZHP7kTufJJHmrKGJVSKxfUN70tv3nvX7U3sdSkkVbT62HRi
lyLRDk5UX87IOnbRm4aNj1PZxXjCQIy9bdSgVddvNNV0l+ZhGp67qxXzyG6ITv1w
4B+WRcjCHXt15s83aXf4d6Je8qA+gfYVCl3cvqJrtNHhYGtElrWY6vJBq7sSN8lZ
m74LsjgqI+4CsPlHhVVP4ousoryE1vMYzBFwJv/kVW4KrGN6x6IwhlzJZMGfzg==
-----END CERTIFICATE-----